Re: CORS restrictions on preflight (too) strict?

> I think Ruben went wrong trying to argue all Accept-* headers are
> safe.

I still haven't been proven wrong, but I get your point.

> or pursued the
> "Safe-*" header option Anne suggested. Though that, of course, would
> require the Memento protocol changing it's headers.

…and that's of course not feasible.

But the more interesting option, as suggested by Anne in another channel,
is Origin Policy:



Received on Friday, 3 August 2018 23:22:32 UTC